AMENDMENTS TO THE CLAIMS

1. (currently amended) A communication network, comprising:

(A) local communication links,

(B) a plurality of separately located central office switching systems interconnected
via trunk circuits for selectively providing switched call connections between
at least two of the local communication links in response to predetermined
control data messages,

(C) a signaling communication system for two-way communications of said control
data messages between at least said central office switching systems, said
signaling communication system interconnecting the central office switching
systems;

(D) a signaling gateway, separate from the central office switching systems and
connected to said signaling communications system, said signaling gateway
including an interface connected to a remote communications network and
configured to exchange said control data messages between said remote
communication network and said central office switching systems by way of
said signaling communication system, and

(E) a signaling system security monitor, separate from the central office switching
systems, said signaling system security monitor including a plurality of
message templates corresponding to approved individual ones of said control
data messages, sequences of such control data messages and informational
relationships between the data contents of such data messages, said signaling
system security monitor being responsive to said message templates to
perform syntax and content dependent screening of said control data
messages, said content dependent screening including checking
appropriateness of said control data messages in context of (i) a state of the
communications network and (ii) prior related messages.

Application No.: 09/767,902 



Docket No.: 00-VE04.75A CIP 



2. (original) The communications network according to claim 1 wherein said plurality of 
message templates are associated with a plurality of service providers. 

3. (currently amended) The communications network according to claim 2 wherein said 
signaling system security monitor associates each of said control data messages with a 
corresponding one of said service providers and selects one or more of said message 
templates in response to the corresponding to one of said service providers. 

4. (original) The communications network according to claim 1 wherein said signaling 
system security monitor includes a memory storing sets of templates, each of said sets 
corresponding to control messages appropriate to particular call progress or transaction flow. 

5. (original) The communications network according to claim 4 wherein said templates 
define message formats, parameters and values associated with control message types 
selected from MTP, SCCP, ISUP, TCAP and AIN type messages. 

6. (currently amended) The communications network according to claim 4 wherein said 
signaling system security monitor is configured to select from among said sets of templates in 
response to service provider authorization data associated with respective ones of said control 
data messages. 

7. (currently amended) The communications network according to claim 1 wherein said 
signaling system security monitor is configured to selectively communicate and selectively
modify so as to bring into conformance with expectations said control data messages between 
said signaling gateway and corresponding ones of said central office switching systems by 
way of said signaling communication system in response to said control messages satisfying 
criteria specified by corresponding ones of said templates. 
8. (currently amended) The communications network according to claim 1 wherein said
signaling system security monitor is configured to selectively (i) enable and inhibit said
signaling gateway from exchanging and (ii) modify so as to bring into conformance with
expectations said control data messages between said central office switching systems by way 
of said remote communication network and said signaling communication system. 

9. (original) The communications network according to claim 1 wherein said signaling 
system security monitor includes a memory storing states of respective ones of said central 
office switching systems, said signaling system security monitor responsive to said states for 
selecting ones of said templates. 

10. (original) The communications network according to claim 1 wherein said signaling 
gateway further comprises a signal protocol converter configured to convert SS7 type 
messages to another packet data format. 

11. (original) The communications network according to claim 10 wherein the other packet
data format is an Internet Protocol (IP) format. 

12. (original) The communications network according to claim 1 wherein said signaling 
system security monitor is configured to monitor information contained in an MTP Layer 3 
portion of said control data messages. 

13. (original) The communications network according to claim 12 wherein said information 
contained in said MTP Layer 3 portion of said control data messages includes (i) a 
destination point code, (ii) an originating point code, and (iii) a service indicator octet. 
14. (original) The communications network according to claim 12 wherein said signaling
system security monitor is configured to monitor at least one of MTP, SCCP, ISUP, TCAP, 
and AIN messages. 

15. (original) The communications network according to claim 12 wherein said signaling 
system security monitor is configured to monitor a plurality of message types selected from 
MTP, SCCP, ISUP, TCAP, and AIN type messages. 

16. (original) The communications network according to claim 12 wherein said signaling 
system security monitor is configured to monitor calling and called party address parameters 
contained in SCCP message portions of said control data messages. 

17. (original) The communications network according to claim 16 wherein said signaling 
system security monitor is configured to determine if said monitored calling and called party 
address parameters are consistent with an authorized signaling relationship. 

18. (currently amended) The communications network according to claim 12 wherein said 
signaling system security monitor is configured to monitor origination and destination point 
codes and calling and called party address parameters contained in the header of an SCCP a 
TCAP message of said control data messages. 

19. (original) The communications network according to claim 12 wherein said signaling 
system security monitor is configured to monitor the originating and destination point code 
parameters contained in the MTP message portion, as well as the calling and called party 
address parameters found in the SCCP message portion of said control data messages and 
determine if a particular originating application is authorized to send a particular TCAP 
message to a particular destination application. 
20. (original) The communications network according to claim 1 wherein said signaling
system security monitor includes a memory storing a state of said communications network. 

21. (original) The communication network according to claim 1 wherein said signaling 
system security monitor includes a memory storing permissible states of said 
communications network and said templates include data indicating allowable next one(s) of 
said states. 

22. (original) The communications network according to claim 1 wherein said signaling 
system security monitor includes a memory storing data relating call progress status with 
respective sets of control messages appropriate to initiate a next action consistent with a 
particular service. 

23. (original) The communications network according to claim 1 wherein said signaling 
system security monitor includes a memory storing data relating a transaction state with 
respective sets of control messages appropriate to initiate a next action consistent with a 
particular service. 

24. (original) The communications network according to claim 1 wherein said signaling 
system security monitor comprises a certification agent configured to exchange and maintain 
encryption key certificates. 

25. (original) The communications network according to claim 1 wherein said signaling 
system security monitor is configured to issue and decrypt digital time stamps. 

26. (currently amended) A method of securely interfacing control links of respective
communication networks, comprising the steps of:

storing a plurality of control message templates;

exchanging control data messages between a remote communication network and a
plurality of switching systems via a local signaling communication system;

selecting ones of said control message templates in response to respective ones of said
control messages;

determining, using said templates, if said control data messages are proper including,
responsive to said message templates, performing syntax and content dependent screening of
said control data messages, said content dependent screening including checking
appropriateness of said control data messages in context of (i) a state of the communications
network and (ii) prior related messages;

in response to said determining step, selectively communicating and selectively
modifying so as to bring into conformance with expectations said in response to said
determining step, control data messages between said central office switching
systems;

selectively routing messages from an incoming link to an outgoing link in response to
said control data messages; and

selectively generating control messages to help restore system integrity in cases where
control messages are disallowed.

27. (original) The method according to claim 26 wherein said plurality of control message
templates are associated with a plurality of service providers. 

28. (currently amended) The method according to claim 26 further comprising steps of: 
associating each of said control data messages with a corresponding one of said service 
providers; and 

selecting one or more of said message templates in response to the corresponding one of said 
service providers. 
29. (original) The method according to Claim 26 wherein each of said templates corresponds
to an appropriate one of (i) call progress flow and (ii) transaction processing protocol.

30. (currently amended) The method according to claim 26 wherein said templates define
message formats, parameters and values and relationships among messages, parameters and
values associated with control message types selected from MTP, SCCP, ISUP, TCAP and 
AIN type messages. 

31. (original) The method according to claim 26 further comprising a step of selecting said 
sets of templates in response to service provider authorization data associated with respective 
ones of said control data messages. 

32. (currently amended) The method according to claim 26 further including a step of
selectively (i) enabling and inhibiting a signaling gateway from exchanging and (ii)
modifying so as to bring into conformance with expectations said control data messages
between said remote communication network and said signaling communication system. 
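
The screening recited in claims 1, 13, 17 and 21, sketched as an added example that is not part of the application: templates map each circuit state to the approved ISUP message types and the allowable next state, and each message is checked for syntax, authorized point-code relationship, network state and consistency with prior related messages. The decoded-message dict layout, the point codes, the simplified ISUP call flow and the names Monitor and run_sample are assumptions made for illustration.

```python
# Added illustration; policy values and message dicts are constructed.
ISUP_SI = 5  # service indicator value for ISUP in the MTP3 SIO

# Authorized (OPC, DPC) signaling relationships; hypothetical point codes.
AUTHORIZED = {("1-1-1", "2-2-2"), ("2-2-2", "1-1-1")}

# Templates: circuit state -> {approved message type: allowable next state}.
TEMPLATES = {
    "idle":      {"IAM": "setup"},
    "setup":     {"ACM": "alerting", "REL": "releasing"},
    "alerting":  {"ANM": "answered", "REL": "releasing"},
    "answered":  {"REL": "releasing"},
    "releasing": {"RLC": "idle"},
}
FIELDS = ("si", "opc", "dpc", "cic", "type")

class Monitor:
    def __init__(self):
        self.circuits = {}  # (endpoint pair, CIC) -> (state, calling-side OPC)

    def screen(self, msg):
        """Return (verdict, detail) for one already-decoded message."""
        if any(f not in msg for f in FIELDS):            # syntax screening
            return "drop", "missing field"
        if msg["si"] != ISUP_SI:
            return "drop", "unexpected service indicator"
        if (msg["opc"], msg["dpc"]) not in AUTHORIZED:   # content screening
            return "drop", "unauthorized signaling relationship"
        key = (frozenset((msg["opc"], msg["dpc"])), msg["cic"])
        state, caller = self.circuits.get(key, ("idle", None))
        nxt = TEMPLATES[state].get(msg["type"])          # context: network state
        if nxt is None:
            return "drop", f"{msg['type']} not allowed in state {state}"
        if msg["type"] in ("ACM", "ANM") and msg["opc"] == caller:
            return "drop", "backward message from calling side"  # prior messages
        if msg["type"] == "IAM":
            caller = msg["opc"]
        self.circuits[key] = (nxt, caller)
        return "pass", nxt

def run_sample():
    a, b, x = "1-1-1", "2-2-2", "9-9-9"  # x has no authorized relationship
    flow = [(a, b, "IAM"), (b, a, "ANM"), (b, a, "ACM"), (a, b, "ANM"),
            (b, a, "ANM"), (x, b, "REL"), (a, b, "REL"), (b, a, "RLC"),
            (a, b, "REL")]
    mon = Monitor()
    return [mon.screen({"si": ISUP_SI, "opc": o, "dpc": d, "cic": 7, "type": t})
            for o, d, t in flow]
```

Dropped messages leave the stored circuit state unchanged, so an out-of-sequence or unauthorized message cannot move a call forward or tear it down.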